From 8855358381cff8156fe7a801d9201371034373a2 Mon Sep 17 00:00:00 2001
From: Thomas Rientjes <synzvato@protonmail.com>
Date: Sat, 9 Apr 2016 17:01:46 +0200
Subject: [PATCH] Apply audit tool security update

---
 data/_audit/package.json |  2 +-
 data/_audit/run.js       | 16 +++++++---------
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/data/_audit/package.json b/data/_audit/package.json
index 4e5cc79..2558466 100644
--- a/data/_audit/package.json
+++ b/data/_audit/package.json
@@ -1,6 +1,6 @@
 {
   "name": "decentraleyes-audit",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "author": "Thomas Rientjes",
   "license": "MPL-2.0",
   "description": "Library audit tool for Decentraleyes.",
diff --git a/data/_audit/run.js b/data/_audit/run.js
index 7098046..a513e7f 100644
--- a/data/_audit/run.js
+++ b/data/_audit/run.js
@@ -137,7 +137,7 @@ function _hashFileContents(fileContents) {
 
     var hash;
 
-    hash = crypto.createHash('md5');
+    hash = crypto.createHash('sha512');
 
     hash.setEncoding('hex');
     hash.write(fileContents);
@@ -148,20 +148,19 @@ function _hashFileContents(fileContents) {
 
 function _compareResources(localResourceContents, remoteResourceContents, URL) {
 
-    var hadSourceMappingURL = sourceMappingURL.existsIn(remoteResourceContents);
-    remoteResourceContents = sourceMappingURL.removeFrom(remoteResourceContents);
-
+    var hasSourceMappingURL = sourceMappingURL.existsIn(remoteResourceContents);
     var sourceMappingNotice = '[ ] REMOTE RESOURCE HAD SOURCE MAPPING URL';
 
-    if (hadSourceMappingURL) {
+    if (hasSourceMappingURL) {
+        remoteResourceContents = sourceMappingURL.removeFrom(remoteResourceContents);
         sourceMappingNotice = '[X] REMOTE RESOURCE HAD SOURCE MAPPING URL';
     }
 
     var localResourceHash = _hashFileContents(localResourceContents);
     var remoteResourceHash = _hashFileContents(remoteResourceContents);
 
-    console.log(localResourceHash);
-    console.log(remoteResourceHash);
+    console.log('RESOURCE HASH (SHA512): ' + localResourceHash);
+    console.log('RESOURCE HASH (SHA512): ' + remoteResourceHash);
 
     var fileHashesMatch = (localResourceHash === remoteResourceHash);
 
@@ -172,9 +171,8 @@ function _compareResources(localResourceContents, remoteResourceContents, URL) {
     }
 
     console.log();
-    console.log(sourceMappingNotice);
     console.log('[X] LOCAL AND REMOTE RESOURCE HASHES MATCH');
-
+    console.log(sourceMappingNotice);
 }
 
 function _showCompletedMessage() {
-- 
GitLab